HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2020-3351

CVSS 8.6v3.1pub. 2020-07-16upd. 2024-11-21

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Cisco Sd Wan Firmware

    OS
    Cisco
    < 17.2.717.2.8 – 18.3.0 (bez)
  • Cisco Vedge 100

    HW
    Cisco
    wszystkie wersje
  • Cisco Vedge 1000

    HW
    Cisco
    wszystkie wersje
  • Cisco Vedge 100b

    HW
    Cisco
    wszystkie wersje
  • Cisco Vedge 100m

    HW
    Cisco
    wszystkie wersje
  • Cisco Vedge 100wm

    HW
    Cisco
    wszystkie wersje
  • Cisco Vedge 2000

    HW
    Cisco
    wszystkie wersje
  • Cisco Vedge 5000

    HW
    Cisco
    wszystkie wersje
  • Cisco Vedge Cloud Router

    APP
    Cisco
    wszystkie wersje
  • Cisco Vsmart Controller

    APP
    Cisco
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2021-1300CRITICAL9.8ten sam produkt

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute a...

CVE-2021-1301CRITICAL9.8ten sam produkt

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute a...

CVE-2019-1651CRITICAL9.9ten sam produkt

A vulnerability in the vContainer of the Cisco SD-WAN Solution could allow an authenticated, remote attacker t...

CVE-2018-0349CRITICAL9.8ten sam produkt

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitr...

CVE-2021-1528HIGH7.8ten sam produkt

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain eleva...